From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 7A889C5475B for ; Thu, 29 Feb 2024 00:02:09 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:References: Message-ID:Subject:Cc:To:From:Date:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=6t0ZZrwoSgSXwSsV9Vz2oDYxeVxDHYYbKgLun3JlZpw=; b=3Kf9eBZMt6RPAK yjjUIR4aRLlvXNMpB31+t0Cxo5oo1NOERRDqwSP8sjGue8HwmxhBrn+Xg3nTg+C6YYrCsDu8aTadY ouwgZo8SCN9slZdF77Tx1KCfYGtxtXCYwsyomGyAYKTPo5VrSTOI42ERY4qha93x6crNhsm/NmhwI H4mcB0eR/byw3fVAyKg4d4ZYA3Mdz0emqWjQOwIEeAVVv5q0mFfgOJsOuz06GQxJIzxvX4XONqA0U pwHaRWLT6A5o3UXHvJJKYIqYKBfVhh2zJ6rXgjuOYTIk/O0tG8MsvTHH2dlmERS5AM1tYXDp4nTfJ Sw4dme4RbbsyrL9xA8IQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1rfTs3-0000000BL2q-1juK; Thu, 29 Feb 2024 00:01:55 +0000 Received: from mail-oi1-x233.google.com ([2607:f8b0:4864:20::233]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1rfTs0-0000000BL2O-1qXj for linux-arm-kernel@lists.infradead.org; Thu, 29 Feb 2024 00:01:53 +0000 Received: by mail-oi1-x233.google.com with SMTP id 5614622812f47-3c1a9b567edso129347b6e.3 for ; Wed, 28 Feb 2024 16:01:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1709164911; x=1709769711; darn=lists.infradead.org; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=iEBIJm8L8y8D/KMJdxSN242jmeihBdO84S0mND9uaps=; b=ndoolo9tnf/VnZ7wZyoXlRJc0cmkswJm0MN0bUAIpEeqOf5AWrJI23jdeIZGs/WuCW aAgnK+UcxDzOzNZOXOpNm9ogT/5S+Y+GF6ixM0XsI671bP/IpiWNVEjQDhPobrIUhlQ5 yrhz7PV2pT9rZk8aMrJs0SxyoLp0X7aeED8H0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709164911; x=1709769711; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=iEBIJm8L8y8D/KMJdxSN242jmeihBdO84S0mND9uaps=; b=wzuplCN8qqwZYsZ5/EXKdOwbueab9x7NvQgrxijjXWtp/I82MT8/rX040jsTtNpAy+ l6PHt3zg/ZCo9rXULMH6pGgVKSPSXyX/iDkFCRsUOVsrrDQd8z4Z7umMEtyxy0DvMKjJ voqtr+hOcTdE5Ddy+M2xFX3Uv6g4c8HUKgWEkNQ8lHw59qIYUzNvSUvR4ral9maXjaao AUiBDbW5rUVimLGzmw3JKmR29RxXBIQUKO34B5xUIckk3IT2Cdyq98qHq8C2Sp9CcAxx 3mQaTaezgqxbXbghx+X7kJbXzBcUg25N+Iq/X+ziaSLcXQTDkFmBF1IcNxtMNsRpg9CA U2Rg== X-Forwarded-Encrypted: i=1; AJvYcCV9z7sma9pHOCZWMEKYJ3MczG4fbC93ZaYiQUrLL2IiOvRZnAajMyauiJe9KyM6+PotNqibSMDM0xkNCataULP7jkRS+AsgfLWv0PdGn9RMlWH/S3A= X-Gm-Message-State: AOJu0YzFHZqbBhv2BG8A1fZ52P59yVuTQlYi6ijLAjmioomzwRQ4T0xQ msw+xGY68ySDKFBQ3QRL2hcSVix62JzHfW/vW+pED8oznnbdR3Hra1aC6OKokg== X-Google-Smtp-Source: AGHT+IGs0rI0VXo4/NJKO1cSeuk/mHsATz8xyv2BYMzSCXsOlf2JpK8n8vhC+odnJINdbkFZX6M9Dw== X-Received: by 2002:a05:6808:19a4:b0:3c1:af9f:a866 with SMTP id bj36-20020a05680819a400b003c1af9fa866mr607658oib.45.1709164910890; Wed, 28 Feb 2024 16:01:50 -0800 (PST) Received: from www.outflux.net ([198.0.35.241]) by smtp.gmail.com with ESMTPSA id a24-20020a631a18000000b005dc491ccdcesm60329pga.14.2024.02.28.16.01.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 28 Feb 2024 16:01:50 -0800 (PST) Date: Wed, 28 Feb 2024 16:01:49 -0800 From: Kees Cook To: Jakub Kicinski Cc: Andy Shevchenko , Vinod Koul , Linus Walleij , Jonathan Cameron , Mark Brown , linux-arm-kernel@lists.infradead.org, dmaengine@vger.kernel.org, linux-kernel@vger.kernel.org, linux-iio@vger.kernel.org, linux-spi@vger.kernel.org, netdev@vger.kernel.org, linux-hardening@vger.kernel.org, Jonathan Cameron , Lars-Peter Clausen , "David S. Miller" , Eric Dumazet , Paolo Abeni , "Gustavo A. R. Silva" Subject: Re: [PATCH v4 7/8] net-device: Use new helpers from overflow.h in netdevice APIs Message-ID: <202402281554.C1CEEF744@keescook> References: <20240228204919.3680786-1-andriy.shevchenko@linux.intel.com> <20240228204919.3680786-8-andriy.shevchenko@linux.intel.com> <202402281341.AC67EB6E35@keescook> <20240228144148.5c227487@kernel.org> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20240228144148.5c227487@kernel.org> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240228_160152_537749_EF3203CB X-CRM114-Status: GOOD ( 16.87 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org On Wed, Feb 28, 2024 at 02:41:48PM -0800, Jakub Kicinski wrote: > On Wed, 28 Feb 2024 13:46:10 -0800 Kees Cook wrote: > > I really don't like hiding these trailing allocations from the compiler. > > Why can't something like this be done (totally untested): > > > > > > diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h > > index 118c40258d07..dae6df4fb177 100644 > > --- a/include/linux/netdevice.h > > +++ b/include/linux/netdevice.h > > @@ -2475,6 +2475,8 @@ struct net_device { > > /** @page_pools: page pools created for this netdevice */ > > struct hlist_head page_pools; > > #endif > > + u32 priv_size; > > + u8 priv_data[] __counted_by(priv_size) __aligned(NETDEV_ALIGN); > > I like, FWIW, please submit! :) So, I found several cases where struct net_device is included in the middle of another structure, which makes my proposal more awkward. But I also don't understand why it's in the _middle_. Shouldn't it always be at the beginning (with priv stuff following it?) Quick search and examined manually: git grep 'struct net_device [a-z0-9_]*;' struct rtw89_dev struct ath10k etc. Some even have two included (?) But I still like the idea -- Gustavo has been solving these cases with having two structs, e.g.: struct net_device { ...unchanged... }; struct net_device_alloc { struct net_device dev; u32 priv_size; u8 priv_data[] __counted_by(priv_size) __aligned(NETDEV_ALIGN); }; And internals can use struct net_device_alloc... -Kees -- Kees Cook _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel